52e8aad8587aee7d1555338be11e81a46bc9aba02300bcda3f6df4051cdf17be

Sharing

Copy URL

Twitter E-mail

General

Target

52e8aad8587aee7d1555338be11e81a46bc9aba02300bcda3f6df4051cdf17be
Size

436KB
MD5

39504c9c134a4e360844dfdc9a297190
SHA1

988ab594cdeb2532461f7487b7ad8d86749614f7
SHA256

52e8aad8587aee7d1555338be11e81a46bc9aba02300bcda3f6df4051cdf17be
SHA512

48e8d3e21892a1d727f734ea743f157eb3352dfc85663b95e762ef51823f80ffcf9aab64c1ffe049343936a158b2d1f705a2e705d60ed3c5c46c858bd454c97e
SSDEEP

6144:Il/b3wIS8xrHuotPQbc6goLmJI8ILQiVMmwlQV0EY9ROX:IlAyrpt6d3qeQi9wnEYGX

Score

N/A

Malware Config

Signatures

Files

52e8aad8587aee7d1555338be11e81a46bc9aba02300bcda3f6df4051cdf17be
.dll windows x86

cdf23152fb1defb3d247360a63c58a45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ChangeTimerQueueTimer
CloseHandle
CreateFileA
EnumLanguageGroupLocalesA
ExitProcess
FillConsoleOutputCharacterW
FindAtomW
GetCommandLineA
GetComputerNameExA
GetConsoleWindow
GetExitCodeThread
GetModuleFileNameW
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProfileStringA
GetSystemWindowsDirectoryA
GetTickCount
GetWriteWatch
InterlockedDecrement
InterlockedIncrement
IsValidCodePage
LocalAlloc
LocalFree
OpenJobObjectA
OutputDebugStringW
Process32FirstW
QueryPerformanceCounter
ReadConsoleW
SearchPathA
SetConsoleWindowInfo
SetErrorMode
SetProcessPriorityBoost
SetThreadAffinityMask
WaitForSingleObject
WritePrivateProfileSectionA
_lclose
_lread
lstrcatW
CommConfigDialogA
CompareStringA
CompareStringW
FindResourceA
FindResourceExW
FlushFileBuffers
FreeLibrary
GetLargestConsoleWindowSize
GetLocaleInfoA
GetModuleHandleW
GetProcAddress
GetWindowsDirectoryA
HeapDestroy
IsDBCSLeadByteEx
LoadLibraryA
LoadLibraryW
LoadResource
LocalReAlloc
LockResource
MultiByteToWideChar
PulseEvent
UnmapViewOfFile
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
GetComputerNameA
CopyFileExW
CreateFileW
CreateTimerQueueTimer
DeleteTimerQueue
DeleteVolumeMountPointW
DeviceIoControl
FindClose
FindFirstFileW
GetCurrentProcessId
GetCurrentThreadId
GetProcessHeap
GetSystemTimeAsFileTime
InterlockedCompareExchange
InterlockedExchange
Sleep
WriteProcessMemory
lstrcpynW
BackupWrite
DisableThreadLibraryCalls
FileTimeToSystemTime
FlushViewOfFile
GetCurrentProcess
GetProfileStringW
GetUserDefaultLCID
GetWindowsDirectoryW
GlobalUnlock
LocalFileTimeToFileTime
ReadDirectoryChangesW
SetCommMask
SetLocaleInfoA
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
WritePrivateProfileSectionW
GetFileAttributesA
WritePrivateProfileStringW
lstrcmpW
lstrcmpiA
lstrcmpiW
GetLastError
ReadFile
SetFileTime
CreateProcessW
DuplicateHandle
MoveFileW
MoveFileA
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetDriveTypeA
GetFullPathNameA
CreatePipe
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocalTime
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetVersionExA
RaiseException
GetCPInfo
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
GetModuleFileNameA
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSection
HeapSize
HeapReAlloc
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
RtlUnwind
CreateProcessA
GetFileAttributesW
GetConsoleCP
VirtualQuery
GetExitCodeProcess
HeapCreate
VirtualFree
GetTimeFormatA
GetDateFormatA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindNextFileW
FileTimeToLocalFileTime
GetDriveTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
SetEnvironmentVariableA
FindFirstFileA
FindNextFileA
GetFullPathNameW
SetEnvironmentVariableW

oleaut32

DispCallFunc
VarCyFromDec
VarCySu
VarDateFromR8
VarFormatFromTokens
VarInt
VarR8Pow
VarUI2FromDate
VarAnd
VarI1FromI2
SafeArrayAllocData
SafeArraySetIID
VarAbs
VarI2FromI4
GetErrorInfo
VarDateFromI4
VarDecFromR4
VarI1FromUI4
VarI4FromUI4
VarOr
VarR4FromR8
VarR8Round
SafeArrayGetLBound

rpcrt4

I_RpcFreePipeBuffer
NdrConformantVaryingStructFree
NdrProxyGetBuffer
NdrSimpleTypeUnmarshall
RpcServerUseProtseqIfExA
RpcServerYield
NDRCContextBinding
NdrClientContextMarshall
NdrClientContextUnmarshall
NdrClientInitializeNew
NdrConformantArrayBufferSize
NdrConformantArrayMarshall
NdrConformantVaryingArrayUnmarshall
NdrConvert
NdrFreeBuffer
NdrGetBuffer
NdrSendReceive
RpcBindingFree
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcNetworkIsProtseqValidA
I_RpcTransConnectionAllocatePacket
NdrEncapsulatedUnionUnmarshall
RpcEpUnregister
I_RpcServerSetAddressChangeFn
NdrComplexStructMemorySize
NdrCorrelationPass
NdrPointerUnmarshall
RpcSsSetClientAllocFree
NdrSimpleTypeMarshall

shell32

DragFinish
DragQueryFileA
SHBrowseForFolderW
SHGetDataFromIDListA
SHGetFileInfoA
SHGetIconOverlayIndexA
WOWShellExecute
SHGetDiskFreeSpaceA
ShellHookProc

Exports

Exports

vlffhuvirhe

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdf23152fb1defb3d247360a63c58a45

Headers

File Characteristics

Imports

kernel32

oleaut32

rpcrt4

shell32

Exports

Exports

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 28KB - Virtual size: 39KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 28KB - Virtual size: 39KB

.reloc
Size: 16KB - Virtual size: 14KB